Cyber, the short version

thaddeus t. grugq
Mar 25, 2018 · 1 min read

Cyber is a domain of conflict, not a style of operation. IO is one style, but it’s not like the threat of a Stuxnet or a NotPetya event just ceases to exist.

While the Americans are throwing a fit about Russian IO over social media and the press, there was a serious attack against ICS systems in Saudi that almost caused an explosion.

Operations in an information environment can be: active, passive, physical, cognitive, and probably more too…

Stuxnet had an IO component that ppl forget about, it presented false information to admins saying the system was fine.

  • The Americans saw Stuxnet as proof that they could hit any system.
  • The Russians saw Stuxnet as proof that people will believe computers over their lying eyes.

And they’re both correct.

But the Russian view allows for creative operations. The American view allows for resting on your laurels. They thought that because they destroyed something with cyber they were the pinnacle of cyber warriors. That they knew the domain best.

But that’s false, they got their asses kicked in 2016 because they didn’t consider posting lies on Facebook as a cyber threat vector.

thaddeus t. grugq

Written by

Information Security Researcher :: https://gru.gq :: keybase.io/grugq :: https://www.patreon.com/grugq

More From Medium

More from thaddeus t. grugq

More from thaddeus t. grugq

Russian propaganda isn’t even good

More from thaddeus t. grugq

More from thaddeus t. grugq

Meme game on fleek? Yeah, nah

Top on Medium

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade